[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fH7hcNlx84WwOZ46bX7SJpMHw0jQ6yH2NnBnomoD0_qg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":34,"analysis":74,"fingerprints":420},"curbon","CURBON","1.0.0","Curbon","https:\u002F\u002Fprofiles.wordpress.org\u002Fcurbon\u002F","\u003Ch4>Effortless carbon neutral e-commerce\u003C\u002Fh4>\n\u003Cp>CURBON’s plugin enables you to provide a carbon offsetting solution to your customers at no added cost to your company. The plugin calculates the climate cost of each transaction and utilises verified high-quality carbon credits to eliminate the environmental impact in real time, helping cultivate a climate-conscious consumer culture.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cp>With this plugin, CURBON is making climate action accessible and cost-effective.CURBON’s plugin sits in your customer’s cart at checkout, where you or the customer can choose to offset their purchases. When a purchase is made carbon neutral, CURBON calculates the emissions of the cart and purchases carbon credits from high-quality carbon offsetting projects. The additional cost to offset ranges between 1.8% and 6% of your customer’s cart, depending on the products stocked in your store.\u003C\u002Fp>\n\u003Ch4>Benefits\u003C\u002Fh4>\n\u003Cp>Zero cost to company, or full company adoption\u003Cbr \u002F>\nCURBON’s plugin has two carbon-neutral e-commerce options for your store. The first is a zero-cost-to-company solution where your customers opt-in to offset. The second is a full carbon neutral solution where every product in your store is made carbon neutral upon checkout.\u003C\u002Fp>\n\u003Cp>Improve brand awareness\u003Cbr \u002F>\nChoosing CURBON means choosing to do things differently. Share your company’s carbon offsetting stats through your communications channels and let your customers know you’re doing your part in working toward a cleaner tomorrow. Taking climate action with CURBON creates opportunities for customer engagement and increases loyalty.\u003C\u002Fp>\n\u003Cp>Real, meaningful climate action\u003Cbr \u002F>\nCURBON’s projects do more than just protect the planet. Each step of CURBON’s carbon offsetting method is verified by leading international oversight bodies. This means both your company and your customers can trust that every transaction made is working toward a carbon-neutral future.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>Integrate with a click\u003Cbr \u002F>\nIntegrating CURBON into your online store requires just a few steps. Add the plugin from the app store and follow the prompts. Once the plugin is installed, customised and activated, you’re all set.\u003C\u002Fp>\n\u003Cp>Customise to your platform\u003Cbr \u002F>\nOur customisable templates allow you to modify the look and messaging of CURBON’s plugin in your store,  to seamlessly pair with your site’s design. If you tell us a little about your store offering, our team will evaluate your emissions to give your customers the most accurate carbon offsetting solution.\u003C\u002Fp>\n\u003Cp>Provide carbon neutral checkouts\u003Cbr \u002F>\nThis is climate action made easy. Once CURBON’s plugin is up and running, you or your customer will have the option to make their purchase carbon neutral with just the click of a button.\u003C\u002Fp>\n","CURBON lets your customers decrease the carbon impact of their purchases on your online store",0,2282,100,1,"2023-05-05T03:52:00.000Z","6.1.10","","7.4",[20,21,22,4,23],"carbon-neutral-checkout","carbon-offsetting","climate-friendly-checkout","sustainable-shopping","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcurbon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcurbon.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":4,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},30,84,"2026-04-04T02:13:43.899Z",[35,57],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":11,"num_ratings":11,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":56},"carbonbalance-for-woocommerce","Carbon Balance: Carbon calculation and offsetting for WooCommerce","1.0.0.5","Carbon Balance","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarbonbalance\u002F","\u003Cp>\u003Cstrong>Enable your customers to make their orders environmentally sustainable by offsetting their carbon emissions.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Carbon Balance is a platform that assists online stores in mitigating their carbon footprint and boosting their conversion rates. With Carbon Balance responsible online stores can encourage sustainable consumption and make a positive impact on the environment.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How can Carbon Balance help my online store?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Enable your customers to offset their carbon emissions with just one click\u003Cbr \u002F>\n– Achieve business sustainability in just minutes\u003Cbr \u002F>\n– Boost your conversion rates and customer engagement with sustainability\u003Cbr \u002F>\n– Integrate sustainability seamlessly into your customer journey\u003Cbr \u002F>\n– Support high-quality certified sustainability projects\u003C\u002Fp>\n\u003Cp>Introducing the Carbon Offset plugin for WordPress: Enable your customers to offset their carbon emissions with just one click. Achieve business sustainability in minutes and boost your conversion rates by integrating sustainability seamlessly into your customer journey.\u003C\u002Fp>\n\u003Cp>With our plugin, you can effortlessly offer your customers the opportunity to offset their carbon footprint, demonstrating your commitment to environmental responsibility. By supporting high-quality certified sustainability projects, you contribute to a greener future while engaging your customers in a meaningful way.\u003C\u002Fp>\n\u003Cp>Stand out from your competitors and increase customer loyalty by integrating sustainability into your brand. With our plugin, you can easily showcase your commitment to the planet and inspire your customers to take action towards a more sustainable world.\u003C\u002Fp>\n\u003Cp>Take the next step towards a greener future. Install the Carbon Offset plugin for WordPress and empower your customers to make a positive impact today.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Join us in combating climate change!\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.carbonbalance.co\u002F\" rel=\"nofollow ugc\">more information on our site\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please let us know if you have feedback\u002Fquestions or something doesn’t work as expected: drop us a line : \u003Ca href=\"mailto:support@carbonbalance.co\" rel=\"nofollow ugc\">support@carbonbalance.co\u003C\u002Fa> or use the support section on wordpress.org\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcarbonbalance.co\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Demo Videos\u003C\u002Fh3>\n\u003Cp>Please check the demo video\u003Cbr \u002F>\n[2023-06-20] Carbon Balance for WooCommerce Demo\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F0TCyo5Exd4I?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Empower your customers to make their order more climate Friendly",10,1239,"2023-09-06T15:12:00.000Z","6.3.8","4.0","7.3",[21,50,51,52,53],"climate-neutral","co2-footprint","green","sustainability","https:\u002F\u002Fcarbonbalance.co","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcarbonbalance-for-woocommerce.zip","2026-03-15T14:54:45.397Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":43,"downloaded":65,"rating":66,"num_ratings":43,"last_updated":67,"tested_up_to":68,"requires_at_least":17,"requires_php":69,"tags":70,"homepage":17,"download_link":71,"security_score":32,"vuln_count":72,"unpatched_count":11,"last_vuln_date":73,"fetched_at":28},"co2ok-for-woocommerce","ClimateClick: Climate Action for all","2.0.9","Climate Click","https:\u002F\u002Fprofiles.wordpress.org\u002Fco2ok\u002F","\u003Cp>\u003Cstrong>Empower your customers to join your fight against climate change by allowing them to Fund Climate Action.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Climate Click is our ecommerce plugin and software solution that gives your customers a simple and effective way to play their part – turning every purchase into positive climate action, and helping you hit your sales and climate KPIs. At South Pole we’re on a mission to bring climate action to everyone on the planet and accelerate the shift to a low carbon world. Our scalable ecommerce solution brings climate action to every business – whatever your size or sector. Climate Click has been assisting online stores in compensating for their carbon emissions and boosting conversion rates since 2017. Join the growing community of sustainable-minded businesses and empower your customers to engage in conscious consumption.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How Can Climate Click Help You?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Flight climate change within minutes\u003Cbr \u002F>\nOur ‘plug and play’ is set up in minutes and can be rolled out to all major ecommerce platforms. Climate Click also has fully bespoke options with seamless IT integration, a user-friendly UX and branded interface design. Our digital solution gives you the option to integrate emissions calculation across all customer touch-points and digital channels.\u003C\u002Fp>\n\u003Cp>Fund positive climate action with a click\u003Cbr \u002F>\nWith our user-friendly plugin, your customers can effortlessly compensate for the footprint of the emissions generated by the production and shipping of their purchases.\u003C\u002Fp>\n\u003Cp>Increase conversion and engagement by positively positioning your brand’s climate initiatives\u003Cbr \u002F>\nBy showcasing your sustainability efforts, you can boost conversion rates and customer loyalty. Our marketing support enables you to effectively engage with your customers and promote your joint carbon compensation initiatives.\u003C\u002Fp>\n\u003Cp>Unique integration of sustainability in your customer journey\u003Cbr \u002F>\nDifferentiate yourself with sustainability as your unique selling proposition by seamlessly integrating climate action into your customer journey. Customize the plugin and widgets to match your branding, and let our informative hover-over feature inform customers about your climate initiatives.\u003C\u002Fp>\n\u003Cp>Support gold standard certified sustainability projects\u003Cbr \u002F>\nWe exclusively collaborate with our internal SouthPole carbon offset projects which are highest quality. This ensures genuine sustainability impact that is transparent and reliable. Our impact calculator provides visibility into the cumulative offset achieved so far.\u003C\u002Fp>\n\u003Cp>Small price, big impact\u003Cbr \u002F>\nOur basic service is completely free of charge. Your customers will only pay a small fee for the compensation, typically around 1-2% of their order value. This ensures affordability while making a substantial environmental impact.\u003C\u002Fp>\n\u003Cp>Go sustainability! Join us in the fight against climate change!\u003C\u002Fp>\n\u003Cp>For further information, please visit our \u003Ca href=\"https:\u002F\u002Fwww.southpole.com\u002Fdigital-climate-solutions\" rel=\"nofollow ugc\">website\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>We welcome your feedback, questions, or any issues you encounter. Contact us at (climateclick@southpole.com) or utilize the support section.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.southpole.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">South Pole Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpayments.southpole.com\u002Fterms-and-conditions?l=en\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fp>\n","Empower your customers to make their order climate neutral",8567,92,"2023-11-29T08:30:00.000Z","6.2.9","7.0",[21,50,51,52,53],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fco2ok-for-woocommerce.2.0.9.zip",2,"2022-05-31 00:00:00",{"attackSurface":75,"codeSignals":223,"taintFlows":262,"riskAssessment":409,"analyzedAt":419},{"hooks":76,"ajaxHandlers":215,"restRoutes":216,"shortcodes":217,"cronEvents":222,"entryPointCount":14,"unprotectedCount":11},[77,84,88,93,97,101,105,109,112,115,119,121,127,129,132,137,141,146,151,155,158,163,166,170,173,176,180,185,189,194,198,201,203,207,211],{"type":78,"name":79,"callback":80,"priority":81,"file":82,"line":83},"action","plugins_loaded","curbon_init",20,"curbon.php",31,{"type":78,"name":85,"callback":86,"priority":43,"file":82,"line":87},"upgrader_process_complete","curbon_upgrade_woo_callback",130,{"type":78,"name":89,"callback":90,"file":91,"line":92},"admin_enqueue_scripts","adminEnqueueScripts","includes\\admin\\class-curbon-admin-enqueue-scripts.php",32,{"type":78,"name":94,"callback":95,"file":91,"line":96},"admin_head","adminInternalCss",33,{"type":78,"name":98,"callback":99,"file":100,"line":96},"admin_menu","addAdminMenu","includes\\admin\\class-curbon-admin-init.php",{"type":78,"name":102,"callback":103,"priority":43,"file":104,"line":96},"woocommerce_update_product","saveCurbonOnProductSave","includes\\admin\\class-curbon-admin-save-settings.php",{"type":78,"name":106,"callback":107,"file":104,"line":108},"admin_init","saveCurbonSettingsCallback",43,{"type":78,"name":106,"callback":110,"file":104,"line":111},"saveCurbonLookAndFeelCallback",51,{"type":78,"name":106,"callback":113,"file":104,"line":114},"saveCurbonOnboardingDataCallback",59,{"type":78,"name":116,"callback":117,"file":104,"line":118},"admin_notices","adminNotices",206,{"type":78,"name":116,"callback":117,"file":104,"line":120},235,{"type":78,"name":122,"callback":123,"priority":124,"file":125,"line":126},"wp_enqueue_scripts","publicEnqueueScripts",200,"includes\\class-curbon-enqueue-scripts.php",34,{"type":78,"name":122,"callback":128,"priority":124,"file":125,"line":108},"publicDynamicResources",{"type":78,"name":89,"callback":130,"priority":124,"file":125,"line":131},"adminEnqueueFonts",52,{"type":78,"name":133,"callback":134,"file":135,"line":136},"rest_api_init","registerRoutes","includes\\class-curbon-webhook-calls.php",73,{"type":78,"name":138,"callback":139,"file":140,"line":92},"activated_plugin","curbon_redirect_on_activation_callback","includes\\class-registration-activation-init.php",{"type":78,"name":142,"callback":143,"priority":144,"file":145,"line":72},"init","avada_nav_woo_cart",999999,"includes\\woo\\avada-functions-override.php",{"type":78,"name":147,"callback":148,"file":149,"line":150},"pre_get_posts","curbonHideCarbonOffsetFromExternalAccessCallback","includes\\woo\\class-curbon-woo-init.php",67,{"type":78,"name":152,"callback":153,"file":149,"line":154},"wp","curbonAddCarbonOffsetToCartOnBtnClickCallback",75,{"type":78,"name":152,"callback":156,"file":149,"line":157},"curbonRemoveCarbonOffsetFromCartOnBtnClickCallback",83,{"type":159,"name":160,"callback":161,"priority":43,"file":149,"line":162},"filter","woocommerce_cart_totals_after_order_total","filterWoocommerceUpdateCartActionCartUpdated",91,{"type":78,"name":152,"callback":164,"file":149,"line":165},"curbonSetShortcode",101,{"type":78,"name":167,"callback":168,"file":149,"line":169},"woocommerce_after_cart_table","curbonAddCarbonOffsetBtnOnCartPageCallback",110,{"type":78,"name":171,"callback":168,"file":149,"line":172},"woocommerce_before_checkout_form",120,{"type":78,"name":174,"callback":175,"file":149,"line":87},"woocommerce_mini_cart_contents","curbonAddCarbonOffsetBtnOnMiniCartCallback",{"type":78,"name":177,"callback":178,"file":149,"line":179},"woocommerce_thankyou","curbonCheckOrderAndManageOffsetCallback",140,{"type":78,"name":181,"callback":182,"priority":183,"file":149,"line":184},"woocommerce_quantity_input_max","curbonWoocommerceQuantityMax100Callback",9999,148,{"type":159,"name":186,"callback":187,"priority":183,"file":149,"line":188},"woocommerce_cart_item_quantity","curbonWoocommerceQuantityMax100InCartCallback",158,{"type":159,"name":190,"callback":191,"priority":192,"file":149,"line":193},"woocommerce_coupon_get_discount_amount","curbonZeroDiscountForOffsetCallback",12,168,{"type":159,"name":195,"callback":196,"priority":43,"file":149,"line":197},"wp_kses_allowed_html","curbonextendAllowedTags",178,{"type":78,"name":152,"callback":199,"file":149,"line":200},"removeOffsetIfWidgetDisableCallback",186,{"type":78,"name":152,"callback":199,"file":149,"line":202},191,{"type":159,"name":204,"callback":205,"file":149,"line":206},"manage_edit-shop_order_columns","curbonAdminOrderHasOffsetColumnCallback",194,{"type":78,"name":208,"callback":209,"file":149,"line":210},"manage_shop_order_posts_custom_column","curbonAdminOrderHasOffsetColumnContentCallback",202,{"type":78,"name":212,"callback":213,"priority":43,"file":149,"line":214},"woocommerce_order_refunded","curbonOrderWithOffsetRefundedCallback",210,[],[],[218],{"tag":219,"callback":220,"file":149,"line":221},"curbon-offset-box","curbonOffsetBoxOnShortcode",229,[],{"dangerousFunctions":224,"sqlUsage":225,"outputEscaping":231,"fileOperations":258,"externalRequests":259,"nonceChecks":260,"capabilityChecks":11,"bundledLibraries":261},[],{"prepared":72,"raw":14,"locations":226},[227],{"file":228,"line":229,"context":230},"uninstall.php",90,"$wpdb->get_col() with variable interpolation",{"escaped":232,"rawEcho":43,"locations":233},294,[234,238,239,241,243,246,248,251,254,256],{"file":235,"line":236,"context":237},"includes\\admin\\views\\curbon-card-manager.php",112,"raw output",{"file":235,"line":184,"context":237},{"file":235,"line":240,"context":237},157,{"file":235,"line":242,"context":237},301,{"file":244,"line":245,"context":237},"includes\\admin\\views\\curbon-settings.php",203,{"file":244,"line":247,"context":237},387,{"file":249,"line":250,"context":237},"includes\\admin\\views\\dashboard.php",54,{"file":252,"line":253,"context":237},"includes\\admin\\views\\onboarding\\onboarding-step-2.php",173,{"file":252,"line":255,"context":237},181,{"file":252,"line":257,"context":237},312,8,88,7,[],[263,298,347,372,382,390,400],{"entryPoint":264,"graph":265,"unsanitizedCount":14,"severity":297},"saveCurbonSettingsCallback (includes\\admin\\class-curbon-admin-save-settings.php:119)",{"nodes":266,"edges":291},[267,272,278,281,285],{"id":268,"type":269,"label":270,"file":104,"line":271},"n0","source","$_POST",154,{"id":273,"type":274,"label":275,"file":104,"line":276,"wp_function":277},"n1","sink","update_option() [Settings Manipulation]",183,"update_option",{"id":279,"type":269,"label":270,"file":104,"line":280},"n2",165,{"id":282,"type":283,"label":284,"file":104,"line":280},"n3","transform","→ curbon_update_shop_info()",{"id":286,"type":274,"label":287,"file":288,"line":289,"wp_function":290},"n4","wp_remote_request() [SSRF]","includes\\api\\class-curbon-laravel-api.php",453,"wp_remote_request",[292,294,296],{"from":268,"to":273,"sanitized":293},true,{"from":279,"to":282,"sanitized":295},false,{"from":282,"to":286,"sanitized":295},"medium",{"entryPoint":299,"graph":300,"unsanitizedCount":72,"severity":297},"\u003Cclass-curbon-admin-save-settings> (includes\\admin\\class-curbon-admin-save-settings.php:0)",{"nodes":301,"edges":338},[302,304,305,307,311,312,317,319,324,326,328,330,333,336],{"id":268,"type":269,"label":303,"file":104,"line":271},"$_POST (x2)",{"id":273,"type":274,"label":275,"file":104,"line":276,"wp_function":277},{"id":279,"type":269,"label":270,"file":104,"line":306},272,{"id":282,"type":274,"label":308,"file":104,"line":309,"wp_function":310},"wp_redirect() [Open Redirect]",305,"wp_redirect",{"id":286,"type":269,"label":270,"file":104,"line":221},{"id":313,"type":274,"label":314,"file":104,"line":315,"wp_function":316},"n5","wp_remote_get() [SSRF]",384,"wp_remote_get",{"id":318,"type":269,"label":303,"file":104,"line":221},"n6",{"id":320,"type":274,"label":321,"file":104,"line":322,"wp_function":323},"n7","file_put_contents() [File Write]",398,"file_put_contents",{"id":325,"type":269,"label":270,"file":104,"line":280},"n8",{"id":327,"type":283,"label":284,"file":104,"line":280},"n9",{"id":329,"type":274,"label":287,"file":288,"line":289,"wp_function":290},"n10",{"id":331,"type":269,"label":270,"file":104,"line":332},"n11",361,{"id":334,"type":283,"label":335,"file":104,"line":332},"n12","→ curbonGenerateFeaturedImageLookFeelCallback()",{"id":337,"type":274,"label":321,"file":104,"line":322,"wp_function":323},"n13",[339,340,341,342,343,344,345,346],{"from":268,"to":273,"sanitized":293},{"from":279,"to":282,"sanitized":293},{"from":286,"to":313,"sanitized":293},{"from":318,"to":320,"sanitized":293},{"from":325,"to":327,"sanitized":295},{"from":327,"to":329,"sanitized":295},{"from":331,"to":334,"sanitized":295},{"from":334,"to":337,"sanitized":295},{"entryPoint":348,"graph":349,"unsanitizedCount":72,"severity":297},"\u003Ccurbon-card-manager> (includes\\admin\\views\\curbon-card-manager.php:0)",{"nodes":350,"edges":367},[351,354,356,358,362,363,365],{"id":268,"type":269,"label":352,"file":235,"line":353},"$_GET",208,{"id":273,"type":274,"label":275,"file":235,"line":355,"wp_function":277},214,{"id":279,"type":269,"label":270,"file":235,"line":357},80,{"id":282,"type":274,"label":359,"file":235,"line":360,"wp_function":361},"echo() [XSS]",303,"echo",{"id":286,"type":269,"label":270,"file":235,"line":157},{"id":313,"type":283,"label":364,"file":235,"line":157},"→ curbon_update_shop_billing_info()",{"id":318,"type":274,"label":287,"file":288,"line":366,"wp_function":290},514,[368,369,370,371],{"from":268,"to":273,"sanitized":295},{"from":279,"to":282,"sanitized":293},{"from":286,"to":313,"sanitized":295},{"from":313,"to":318,"sanitized":295},{"entryPoint":373,"graph":374,"unsanitizedCount":11,"severity":381},"saveCurbonLookAndFeelCallback (includes\\admin\\class-curbon-admin-save-settings.php:216)",{"nodes":375,"edges":379},[376,377],{"id":268,"type":269,"label":270,"file":104,"line":221},{"id":273,"type":274,"label":275,"file":104,"line":378,"wp_function":277},231,[380],{"from":268,"to":273,"sanitized":293},"low",{"entryPoint":383,"graph":384,"unsanitizedCount":11,"severity":381},"saveCurbonOnboardingDataCallback (includes\\admin\\class-curbon-admin-save-settings.php:244)",{"nodes":385,"edges":388},[386,387],{"id":268,"type":269,"label":270,"file":104,"line":306},{"id":273,"type":274,"label":308,"file":104,"line":309,"wp_function":310},[389],{"from":268,"to":273,"sanitized":293},{"entryPoint":391,"graph":392,"unsanitizedCount":11,"severity":381},"\u003Ccurbon-look-and-feel> (includes\\admin\\views\\curbon-look-and-feel.php:0)",{"nodes":393,"edges":398},[394,397],{"id":268,"type":269,"label":270,"file":395,"line":396},"includes\\admin\\views\\curbon-look-and-feel.php",28,{"id":273,"type":274,"label":275,"file":395,"line":92,"wp_function":277},[399],{"from":268,"to":273,"sanitized":293},{"entryPoint":401,"graph":402,"unsanitizedCount":14,"severity":381},"\u003Ccurbon-settings> (includes\\admin\\views\\curbon-settings.php:0)",{"nodes":403,"edges":407},[404,406],{"id":268,"type":269,"label":270,"file":244,"line":405},5,{"id":273,"type":274,"label":275,"file":244,"line":260,"wp_function":277},[408],{"from":268,"to":273,"sanitized":295},{"summary":410,"deductions":411},"The \"curbon\" v1.0.0 plugin exhibits a generally good security posture based on the static analysis. The plugin demonstrates strong adherence to secure coding practices by utilizing prepared statements for a significant majority of its SQL queries and properly escaping nearly all its output. The absence of known vulnerabilities, both historically and currently, is a positive indicator.  Furthermore, the limited attack surface, with only one shortcode and no identified AJAX handlers or REST API routes that lack authentication checks, suggests a thoughtful approach to development.\n\nDespite these strengths, there are areas that warrant attention. The presence of four taint flows with unsanitized paths, even without critical or high severity, indicates a potential for unintended data handling that could be exploited under specific circumstances. While the plugin has no recorded CVEs, the extensive number of external HTTP requests (88) is a notable concern, as each request represents a potential avenue for third-party vulnerabilities or data exposure. The lack of capability checks also means that the plugin's functionality might be accessible to users who shouldn't have access, depending on how its shortcode is implemented and what actions it performs.",[412,414,416],{"reason":413,"points":43},"Taint flows with unsanitized paths",{"reason":415,"points":405},"No capability checks",{"reason":417,"points":418},"Large number of external HTTP requests",3,"2026-03-17T06:46:34.547Z",{"wat":421,"direct":432},{"assetPaths":422,"generatorPatterns":426,"scriptPaths":427,"versionParams":428},[423,424,425],"\u002Fwp-content\u002Fplugins\u002Fcurbon\u002Fassets\u002Fcss\u002Fjquery-ui.css","\u002Fwp-content\u002Fplugins\u002Fcurbon\u002Fassets\u002Fcss\u002Fcurbon-admin-style.css","\u002Fwp-content\u002Fplugins\u002Fcurbon\u002Fassets\u002Fjs\u002Fcurbon-admin-script.js",[],[425],[429,430,431],"curbon-admin-style","curbon-admin-script","curbon-jquery-ui",{"cssClasses":433,"htmlComments":435,"htmlAttributes":436,"restEndpoints":437,"jsGlobals":438,"shortcodeOutput":440},[434],"toplevel_page_curbon-dashboard",[],[],[],[439],"curbonAdminObj",[]]